Security Audit

rds

github.com/itsmostafa/aws-agent-skills

AI SkillCommit e9e01ada13b6

TRUSTED

Scanned 9 days ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

rds received a trust score of 87/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.

SkillShield's automated analysis identified 2 findings: 0 critical, 0 high, 2 medium, and 0 low severity. Key findings include Hardcoded weak password in AWS CLI example, Hardcoded weak password in boto3 example.

The analysis covered 4 layers: manifest_analysis, llm_behavioral_safety, static_code_analysis, dependency_graph. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 11, 2026 (commit e9e01ada). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

86%

Security Findings2

Severity	Finding	Layer	Location
MEDIUM	Hardcoded weak password in AWS CLI example The skill provides an AWS CLI example for creating an RDS instance that includes a hardcoded, weak password ('SecurePassword123!'). While this is an example, it promotes poor security practices and could lead users to deploy resources with easily guessable or hardcoded credentials. Best practices, as mentioned later in the document, suggest using Secrets Manager or IAM authentication. Replace the hardcoded password with a placeholder indicating a strong, securely managed password (e.g., `[YOUR_SECURE_PASSWORD_HERE]` or a reference to AWS Secrets Manager). Add a note emphasizing the importance of strong, unique, and securely managed passwords, preferably via AWS Secrets Manager or IAM authentication.	Unknown	SKILL.md:65
MEDIUM	Hardcoded weak password in boto3 example The skill provides a boto3 Python example for creating an RDS instance that includes a hardcoded, weak password ('SecurePassword123!'). While this is an example, it promotes poor security practices and could lead users to deploy resources with easily guessable or hardcoded credentials. Best practices, as mentioned later in the document, suggest using Secrets Manager or IAM authentication. Replace the hardcoded password with a placeholder indicating a strong, securely managed password (e.g., `[YOUR_SECURE_PASSWORD_HERE]` or a reference to AWS Secrets Manager). Add a note emphasizing the importance of strong, unique, and securely managed passwords, preferably via AWS Secrets Manager or IAM authentication.	Unknown	SKILL.md:93

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/3f4273c95cbf953c.svg)](https://skillshield.io/report/3f4273c95cbf953c)